Phishing or Pharming Fraud Tips
Phishing is a common scam where fraudsters send emails asking the recipients to verify personal information over the Internet.
The emails contain a link to replicas of existing web sites. Once the recipients click on the link and are directed to the replica web site, they are deceived into entering personal information, such as credit card information, debit card information or credit union/bank account information. Often the fraudsters will use urgency or scare tactics, such as threats to close accounts, to get the recipients to respond.
HFCU will never send you an email asking you to verify account information. We will also never threaten to close your account via email. If you receive a suspicious-looking email message claiming to be from HFCU, please contact us. We continually monitor such reports and act on them promptly.
To protect yourself against phishing scams, we offer the following advice:
- Be suspicious of any email that uses an urgent or scare-tactic tone.
- Do not respond to email messages asking you to verify personal information.
- Delete suspicious email messages without opening them. If you do open a suspicious email message, do not open any attachments or click any links.
- Install and regularly update virus protection software.
- Keep your computer operating system and Web browser current.
If you become the victim of a phishing scheme, please contact the FBI's Internet Crime Complaint Center (IC3).
Pharming is a growing scheme where the fraudsters take over a legitimate website. The victims, unaware of the scam, believe they are at the real website. When they enter their account information, the criminals capture it.
How does Pharming work? It subverts a basic service of the Internet known as the Domain Name Service, or "DNS". Each machine connected to the Internet knows the location of one or more DNS servers. This service translates a human-friendly URL name into an IP address (a unique number assigned to each web server on the Internet).
To execute pharming, suspects must first gain access to a DNS server used by many people, such as the server of an ISP (Internet service provider). Once they have access, they replace the IP number for the financial institution's URL with the IP number of the fraudulent website. When this occurs, any person using that DNS server will be redirected, silently, to the fraudulent website.
The good news is that pharming requires either an unpatched software/server vulnerability on the DNS server itself or an insider at the ISP or financial institution who makes unauthorized DNS server changes. This is rare.
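Because a pharmed DNS server hands out a different IP number than everyone else sees, the redirect can be detected by comparing answers from several DNS servers. The following is an added example, not HFCU's own code: the resolver labels, the expected network and all addresses are constructed (documentation ranges), and the function names are hypothetical.

```python
import ipaddress
from collections import Counter

# Assumption: the address range the institution publishes for its website.
# Constructed value from the RFC 5737 documentation ranges.
EXPECTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]

# Constructed sample: answers for the same hostname, collected from several
# DNS servers (label -> list of returned IP addresses).
SAMPLE_ANSWERS = {
    "isp-resolver": ["203.0.113.66"],
    "public-resolver-a": ["192.0.2.10", "192.0.2.11"],
    "public-resolver-b": ["192.0.2.11", "192.0.2.10"],
    "office-resolver": ["192.0.2.10"],
}

def in_expected(ip, nets=EXPECTED_NETS):
    """True if the address lies inside one of the expected networks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in nets)

def audit_answers(answers, nets=EXPECTED_NETS):
    """Return {resolver: [reasons]} for DNS servers whose answer looks replaced."""
    # Count how many resolvers returned each address (the majority view).
    seen = Counter(ip for ips in answers.values() for ip in set(ips))
    findings = {}
    for resolver, ips in answers.items():
        reasons = []
        if not ips:
            reasons.append("no answer")
        # Check 1: address outside the ranges the institution publishes.
        outside = sorted(ip for ip in set(ips) if not in_expected(ip, nets))
        if outside:
            reasons.append("outside expected networks: " + ", ".join(outside))
        # Check 2: every address this resolver gave is seen nowhere else.
        lonely = sorted(ip for ip in set(ips)
                        if seen[ip] == 1 and len(answers) > 1)
        if lonely and len(lonely) == len(set(ips)):
            reasons.append("no other resolver agrees: " + ", ".join(lonely))
        if reasons:
            findings[resolver] = reasons
    return findings

if __name__ == "__main__":
    for resolver, reasons in audit_answers(SAMPLE_ANSWERS).items():
        print(resolver, "->", "; ".join(reasons))
```

Sites served from content delivery networks legitimately return different addresses in different places, which is why the check relies on a list of expected networks as well as agreement between servers.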
Please be assured that HFCU manages its DNS server software to maintain the highest level of security to protect our members.
If you are ever suspicious about a website, please contact the FBI's Internet Crime Complaint Center (IC3).
What to Do if You Are a Victim of Identity Theft, Phishing or Pharming
HFCU recommends that you never respond to emails asking you to verify personal information. But accidents happen, and the following information could be useful if you've been scammed.
If you have given out your credit, debit or ATM card information:
- Report the incident to the card issuer immediately.
- Cancel your account and open a new one.
- Review billing/monthly statements carefully after the incident.
- If the statements show unauthorized charges, contact the card issuer/financial institution immediately.
If you have given out your personal identification information:
Identity theft occurs when someone uses your personal information, such as your name, Social Security number, credit card number or other identifying information, without your permission to commit fraud or other crimes. If you have given this information to a phisher, you should do the following:
- Report the theft to the three major credit reporting agencies, Experian, Equifax and TransUnion Corporation, and do the following:
  - Request that they place a fraud alert and a victim's statement in your file.
  - Request a FREE copy of your credit report to check whether any accounts were opened without your consent.
  - Request that the agencies remove inquiries and/or fraudulent accounts stemming from the theft.
- Notify your financial institution(s) and ask them to flag your account and contact you regarding any unusual activity.
- If credit union/bank accounts were set up without your consent, close them.
- If your ATM/debit card was stolen, close it and get a new card.
- Contact your local police department to file a criminal report.
- Contact the Social Security Administration's Fraud Hotline to report the unauthorized use of your personal identification information.
- Notify the Department of Motor Vehicles of your identity theft. Check to see whether an unauthorized license number has been issued in your name.
- Notify the passport office to watch for anyone ordering a passport in your name.
- File a complaint with the Federal Trade Commission. Ask for a free copy of "ID Theft: When Bad Things Happen in Your Good Name."
- File a complaint with the Internet Crime Complaint Center (IC3) by visiting their website: http://www.ic3.gov/default.aspx
  - For victims of Internet fraud, IC3 provides a convenient and easy reporting mechanism that alerts authorities of suspected criminal or civil violations.
- Document the names and phone numbers of everyone you speak with regarding the incident. Follow up your phone calls with letters. Keep copies of all correspondence.
If you have downloaded a virus or 'Trojan Horse':
Some phishing attacks use viruses and/or a 'Trojan Horse' to install programs called "key loggers" on your computer. These programs capture any information you type, including credit card numbers, usernames and passwords, Social Security numbers, etc., and distribute it to the phisher. If this occurs, you likely will not be aware of it.
To minimize this risk, you should:
- Install and/or update anti-virus and personal firewall software.
- Update all virus definitions and run a full scan.
- If your system still appears compromised, fix it and then change your password again.